You are here

Tridium Niagara (ICSA-20-224-03)

Tridium Niagara (ICSA-20-224-03)

Created: Thursday, August 13, 2020 - 08:49
Categories:
Cybersecurity

CISA has published an advisory on a synchronous access of remote resource without timeout vulnerability in Tridium Niagara. For Niagara, versions 4.6.96.28, 4.7.109.20, 4.7.110.32, and 4.8.0.110 are affected. For Niagara Enterprise Security, versions 2.4.31, 2.4.45, and 4.8.0.35 are affected. Successful exploitation of this vulnerability could result in a denial-of-service condition. Tridium has released updates that mitigate this vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.